https://www.theregister.co.uk/2017/10/04/sole_security_worker_at_fault_for_equifax_fail_says_former_ceo/

Recently-and-forcibly-retired Equifax CEO Rick Smith has laid the blame for the company's data breach on a single member of the company's security team.

In testimony before the Department of Energy and Subcommittee on Digital Commerce and Consumer Protection, Smith explained that the company has a protocol whereby news of new patches is communicate to the appropriate people within a certain time. When CVE-2017-5638 landed in March 2017, bearing bad news about Apache Struts, that protocol broke down due to human error.